<?php
require("conexionmysql.php");
session_start();
$_SESSION=array();
echo "<title>Login</title>";

if ($_POST['user']) {
	$pass=sha1($_POST['password']);
	$sql="SELECT * FROM usuarios WHERE login='".htmlentities($_POST['user'])."' and password='".$pass."'";
	$result = mysqli_query ($dbc,$sql);
	$numfilas = @mysqli_num_rows($result); 
	if ($numfilas ==1) { //bien 
	while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
	
		$_SESSION["login"]=$row['login'];



	}
	include ('./includes/cabecera.html');
	
	
		
	}else
	{
		?>
		<script type="text/javascript">
		alert("\tUsuario o Password incorrecto \n \t Favor de verificar los datos");
		window.location = "./index.php";
		</script>

		<?php
	}

}

?>